CVE-2021-1892 : Memory corruption due to improper input validation while processing IO control w

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Published 2021-04-07 08:15:15

Updated 2022-06-28 14:11:45

Source Qualcomm, Inc.

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2021-1892

Qualcomm » Qca6174a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6174a » Version: N/A
Qualcomm » Qca9377 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9377 » Version: N/A
Qualcomm » Sd835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd835 » Version: N/A
Qualcomm » Sd845 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd845 » Version: N/A
Qualcomm » Sd850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd850 » Version: N/A
Qualcomm » Qcn7605 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn7605 » Version: N/A
Qualcomm » Qca6174 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6174 » Version: N/A
Qualcomm » Qcn7606 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcn7606 » Version: N/A
Qualcomm » Aqt1000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Aqt1000 » Version: N/A
Qualcomm » Pm8005 Firmware » Version: N/A
cpe:2.3:o:qualcomm:pm8005_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pm8005 » Version: N/A
Qualcomm » Pm855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:pm855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pm855 » Version: N/A
Qualcomm » Pm855p Firmware » Version: N/A
cpe:2.3:o:qualcomm:pm855p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pm855p » Version: N/A
Qualcomm » Pm8998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:pm8998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pm8998 » Version: N/A
Qualcomm » Pmi8998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:pmi8998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Pmi8998 » Version: N/A
Qualcomm » Qat3550 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qat3550_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qat3550 » Version: N/A
Qualcomm » Qca1062 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca1062 » Version: N/A
Qualcomm » Qca1064 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca1064 » Version: N/A
Qualcomm » Qca2066 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca2066 » Version: N/A
Qualcomm » Qca6164 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6164_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6164 » Version: N/A
Qualcomm » Qca6310 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6310 » Version: N/A
Qualcomm » Qca6335 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6335 » Version: N/A
Qualcomm » Qca6391 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6391 » Version: N/A
Qualcomm » Qca6420 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6420 » Version: N/A
Qualcomm » Qca6430 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6430 » Version: N/A
Qualcomm » Qca6595au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6595au » Version: N/A
Qualcomm » Qet4100 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qet4100_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qet4100 » Version: N/A
Qualcomm » Qfe2081fc Firmware » Version: N/A
cpe:2.3:o:qualcomm:qfe2081fc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qfe2081fc » Version: N/A
Qualcomm » Qfe2082fc Firmware » Version: N/A
cpe:2.3:o:qualcomm:qfe2082fc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qfe2082fc » Version: N/A
Qualcomm » Qfe3100 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qfe3100_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qfe3100 » Version: N/A
Qualcomm » Qfe3440fc Firmware » Version: N/A
cpe:2.3:o:qualcomm:qfe3440fc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qfe3440fc » Version: N/A
Qualcomm » Qfe4455fc Firmware » Version: N/A
cpe:2.3:o:qualcomm:qfe4455fc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qfe4455fc » Version: N/A
Qualcomm » Qln1035bd Firmware » Version: N/A
cpe:2.3:o:qualcomm:qln1035bd_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qln1035bd » Version: N/A
Qualcomm » Sd8c Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd8c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd8c » Version: N/A
Qualcomm » Sd8cx Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd8cx_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd8cx » Version: N/A
Qualcomm » Sdr8150 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdr8150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdr8150 » Version: N/A
Qualcomm » Smb1350 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb1350_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb1350 » Version: N/A
Qualcomm » Smb1351 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb1351_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb1351 » Version: N/A
Qualcomm » Smb1380 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb1380_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb1380 » Version: N/A
Qualcomm » Smb1381 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb1381_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb1381 » Version: N/A
Qualcomm » Smb1390 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb1390_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb1390 » Version: N/A
Qualcomm » Smb2351 Firmware » Version: N/A
cpe:2.3:o:qualcomm:smb2351_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Smb2351 » Version: N/A
Qualcomm » Wcd9335 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9335 » Version: N/A
Qualcomm » Wcd9340 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9340 » Version: N/A
Qualcomm » Wcd9341 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9341 » Version: N/A
Qualcomm » Wcn3990 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3990 » Version: N/A
Qualcomm » Wcn3998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3998 » Version: N/A
Qualcomm » Wcn6850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6850 » Version: N/A
Qualcomm » Wcn6851 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6851 » Version: N/A
Qualcomm » Wcn6855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6855 » Version: N/A
Qualcomm » Wcn6856 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6856 » Version: N/A
Qualcomm » Wgr7640 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wgr7640_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wgr7640 » Version: N/A
Qualcomm » Wsa8810 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8810 » Version: N/A
Qualcomm » Wsa8815 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8815 » Version: N/A
Qualcomm » Wtr5975 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wtr5975_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wtr5975 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-1892

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 8 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-1892

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.5	5.9	Qualcomm, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-1892

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-1892

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

April 2021 Security Bulletin | Qualcomm
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-1892

Products affected by CVE-2021-1892

Exploit prediction scoring system (EPSS) score for CVE-2021-1892

CVSS scores for CVE-2021-1892

CWE ids for CVE-2021-1892

References for CVE-2021-1892